Where is the pwn?

I got a spearphishing email with my daughter's name on the return address, but from a different account, asking me to check out a website. She has an iPhone and MacBook. I have an iPhone and MacBook Pro.

So they acquired my email address and her name.

I told her they could have gotten them from sniffing our traffic on public networks or because one of our devices is pwned.

Any hints as to which and suggestions for bumping security?
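As an added example that is not part of any post in this thread: a minimal check for the pattern described above, where a message carries a known person's display name but comes from an address that person has never used. The address book, names, addresses and sample messages are all constructed for illustration.

```python
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed address book: display name -> addresses that person is known to use.
KNOWN_CONTACTS = {"jane example": {"jane@example.com"}}

# Constructed sample messages (not real mail).
LOOKALIKE = ('From: "Jane  Example" <j.example1987@mail.example.net>\n'
             'To: dad@example.org\nSubject: check this out\n\nhttp://example.invalid/\n')
GENUINE = ('From: Jane Example <Jane@Example.com>\n'
           'To: dad@example.org\nSubject: dinner\n\nSee you at 7.\n')
STRANGER = ('From: Newsletter <news@example.org>\n'
            'To: dad@example.org\nSubject: weekly\n\nHello.\n')


def normalize(name):
    """Lower-case and collapse whitespace so 'Jane  Example' matches 'jane example'."""
    return " ".join(name.lower().split())


def classify_sender(raw, contacts=KNOWN_CONTACTS):
    """Compare the From display name and address against the address book."""
    msg = message_from_string(raw, policy=policy.default)
    name, addr = parseaddr(str(msg.get("From", "")))
    name, addr = normalize(name), addr.lower()
    known_addrs = set().union(*contacts.values())
    if addr in known_addrs:
        return "known-address"
    # The display name is free text chosen by the sender: it can copy a
    # contact's name, or even contain a contact's address, while the real
    # address in angle brackets belongs to someone else.
    if name in contacts or name in known_addrs:
        return "display-name-mismatch"
    return "unknown-sender"


if __name__ == "__main__":
    for label, raw in (("lookalike", LOOKALIKE), ("genuine", GENUINE),
                       ("stranger", STRANGER)):
        print(label, "->", classify_sender(raw))
```

A "known-address" result only means the From header matches; that header can be forged too, so the provider's SPF/DKIM/DMARC verdict still matters.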

It's much more likely someone's email password has been guessed. Do you have an online email account such as Gmail or Yahoo...? Make sure your password isn't guessable. Ideal passwords are like: iH1NLw6pabjwI

"Sniffing traffic" is time consuming and unless you have a specific, high-value target it's unlikely.

Given you have iPhones and MacBooks it's unlikely they have been "pwned". Again, this is time-consuming and unless you are going for a specific target it's very rare.

It's much more likely someone's email password has been guessed. Do you have an online email account such as Gmail or Yahoo...? Make sure your password isn't guessable. Ideal passwords are like: iH1NLw6pabjwI

Less likely guessed than reused on a site that was compromised, and most webmail sites encourage you to share your address book, so... Even then the email wasn't from her account which you think would be more likely if it was actually compromised, so maybe they just scraped your email addresses from somewhere.

You can run something like ClamXAV if you want more peace of mind but as long as you're up to date on OS versions (e.g. Java exploits patched, etc.) it'd be pretty surprising if you were actually pwned.

Compromise of your computers is very unlikely. Man-in-the-middle attack even more unlikely.

As has been noted before, probably some account of yours or your daughter's has been password-guessed. It may even have been a relative or family friend that has both your email addresses who had their Gmail account or some such compromised. In fact, I'd guess that's as likely as one of your accounts, especially if this is the only such email that has been sent to either of you.

I got a spearphishing email with my daughter's name on the return address, but from a different account, asking me to check out a website. She has an iPhone and MacBook. I have an iPhone and MacBook Pro.

So they acquired my email address and her name.

I told her they could have gotten them from sniffing our traffic on public networks or because one of our devices is pwned.

Any hints as to which and suggestions for bumping security?

It used to be that this was indicative that someone's Windows machine had a trojan on it that sent out spam. It would have been somebody who had both you and your daughter in their address book, but NOT either of your machines.

OK, use a strong pw for webmail, especially if you put your address book on line, and secure your Facebook account.

I've been getting a lot more of these recently, but they were from Windows users, and I just assumed there was a rash of Windows pwnage. In retrospect, that seems unlikely given the increased security in Windows 7.

I've been running Windows 7 recently in Fusion and Bootcamp, and note that it still doesn't ask me for a pw when installing software, in many cases. In Macs, that pw request always comes last before installing, and at that point you know you had better trust the software you're installing. Not any fancy programming required to implement, but takes careful consideration about the front end, which is one reason we like Macs.

I've been running Windows 7 recently in Fusion and Bootcamp, and note that it still doesn't ask me for a pw when installing software, in many cases. In Macs, that pw request always comes last before installing, and at that point you know you had better trust the software you're installing. Not any fancy programming required to implement, but takes careful consideration about the front end, which is one reason we like Macs.

In Windows 7 and later, Windows (tries to?) detect if an action requiring administrator privileges was the result of a user explicitly requesting it, or a program automatically doing something without the user's knowledge, and only explicitly requests privilege escalation (when running as an admin) if it's not your own doing. MS changed this in response to the complaints about User Account Control (UAC) in Vista. Personally, I change it to 'always ask' (search for user account control in Control Panel), and run as a standard user rather than an admin.

I've been getting a lot more of these recently, but they were from Windows users, and I just assumed there was a rash of Windows pwnage. In retrospect, that seems unlikely given the increased security in Windows 7.

Windows XP's market share is still north of 40% of all personal computers, IIRC. I get a lot of these emails too. There was a relatively recent exploit of Yahoo! Mail (my dad got hit by it), and that explains some of the jump. Many of the emails I get are from people who used to use Yahoo! addresses. Even if they moved to a different service, their contact list has already been stolen.